All replies

Did you adjust settings in Control Panel\All Control Panel Items\Windows Firewall\Allowed Programs?

Otherwise you may try the following method.

1. Open “Control Panel\All Control Panel Items\Windows Firewall”.
2. In the “Inbound Rules”, find the entries related to the VPN connection. You will see that each policy can be for one or all of the profiles.
3. Right-click on it and change related settings.
4. You can also change rules in “Outbound Rules”.

I've tried enabling and disabling each of the firewall rules for each connection. I've also tried setting the device adapter to TAP mode vs TUN mode (to make it appear more as a LAN connection than a routed connection).

The preceding commands then have my networks identified properly. Local Area Connection, the physical connection to my untrusted networks, is a Public profile and the TAP adapter, Local Area Connection 2, gets thrown into the "Home" profile.

The problem is that connections still aren't getting out except for the rules I've allowed on the public profile. If I set PUBLIC to Default BLOCK, the only thing that gets out (now routed over the VPN connection) are the things I've explicitly allowed.

If I go in and add a specific rule for the Private Profile to allow, nothing still gets out.

If I fully disable Windows Firewall, everything gets out and gets routed properly. I'm able to connect to the internet via browser, applications, etc.

It's been a while since I've visited this issue but would like to revisit it. I thank you for your response, but it has not helped. I have made sure to uncheck the Public Profile from "Local Area Connection 2", which is the OpenVPN TUN Adapter. The Public profile settings still get applied to this connection.

I'd like to leave my contribution. See what worked in my case ... Windows 7 and Windows 8...

I spent a lot of time on this problem of client inbound connectivity.

Disabling the TAP interface on the firewall works fine, but it's almost the same as turning off the firewall in the VPN context. The VPN machines are running in different security contexts and some can affect others.

I tried the "default gateway" configuration, which recognizes the network as a "Work Network" (only on Win7, not on Win8), and nevertheless it did not PING!

Manually adding a "*NdisDeviceType" record in the registry also did not work on Win8.

So, looking carefully at the Windows Firewall configuration, I saw other scope settings besides just profiles, so I tried running another service rather than PING, and to my surprise it worked properly, even in "Unidentified Networks" and the "Public Profile"!

So, I tried to isolate the PING problem, and the configuration that made it work was the following: the default Windows Firewall entry that enables outside IPv4 PING is "File and Printer Sharing (Echo Request - ICMPv4-In)", so in its properties I clicked on "Scope", and in "Remote IP Address" I changed from "Local subnet" to "Any IP address", and this made PING work.
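
The scope check from the post above, as an added PowerShell example that is not part of the original thread: it lists the enabled inbound allow rules still scoped to "Local subnet", then widens only the echo-request rule to the VPN subnet instead of "Any IP address". The subnet `10.8.0.0/24` is an assumed placeholder, and the NetSecurity cmdlets require Windows 8 / Server 2012 or later (on Windows 7 the same change is made in the rule's Scope tab).

```powershell
# Added example, not from the thread. Run from an elevated prompt.
$VpnSubnet = '10.8.0.0/24'   # assumption: replace with your VPN's subnet
$RuleName  = 'File and Printer Sharing (Echo Request - ICMPv4-In)'

# 1. List enabled inbound allow rules whose remote scope is "Local subnet".
#    The post above found that this scope, not the profile, was what
#    stopped ping from VPN peers on the TAP adapter.
Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
    ForEach-Object {
        $filter = $_ | Get-NetFirewallAddressFilter
        if ($filter.RemoteAddress -contains 'LocalSubnet') {
            [pscustomobject]@{
                DisplayName   = $_.DisplayName
                Profile       = $_.Profile
                RemoteAddress = $filter.RemoteAddress -join ','
            }
        }
    } | Format-Table -AutoSize

# 2. Widen only the echo-request rule, and only to the VPN subnet,
#    so hosts on the untrusted physical network stay out of scope.
Get-NetFirewallRule -DisplayName $RuleName |
    Set-NetFirewallRule -RemoteAddress @('LocalSubnet', $VpnSubnet)

# 3. Confirm the new scope on every rule instance with that display name.
Get-NetFirewallRule -DisplayName $RuleName |
    Get-NetFirewallAddressFilter |
    Select-Object InstanceID, RemoteAddress
```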
